The Inner Circle

  • 1.  ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Posted Dec 24, 2021 04:06:00 AM
    Hi All,

    ISO/IEC recently published: ISO/IEC 27013:2021 Information security, cybersecurity, and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    This document gives guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 for organizations intending to:

    a) implement ISO/IEC 27001 when ISO/IEC 20000-1 is already implemented, or vice versa;

    b) implement both ISO/IEC 27001 and ISO/IEC 20000-1 together; or

    c) integrate existing management systems based on ISO/IEC 27001 and ISO/IEC 20000-1.

    This document focuses exclusively on the integrated implementation of an information security management system (ISMS) as specified in ISO/IEC 27001 and a service management system (SMS) as specified in ISO/IEC 20000-1.

    You can purchase this standard here: https://www.iso.org/standard/78752.html

    You can preview this standard here: https://www.iso.org/obp/ui/#iso:std:iso-iec:27013:ed-3:v1:en

    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------


  • 2.  RE: ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Posted 28 days ago

    You have been invited to this event.

    Re: ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    When
    Tue 28 Dec 2021 2AM – 3AM Malaysia Time - Kuala Lumpur
    Calendar
    Attendees
    [email protected] - organizer
    Your attendance is optional.

    Going (cloudsecur[email protected]connectedcommunity.org)?

    Invitation from Google Calendar

    You are receiving this courtesy email at the account cloudsecur[email protected]connectedcommunity.org because you are an attendee of this event.

    Decline this event to stop receiving future updates for it. You can also sign up for a Google account at https://calendar.google.com/calendar/ and control your notification settings for your entire calendar.

    Forwarding this invitation could allow any recipient to send a response to the organizer and be added to the guest list, or invite others regardless of their own invitation status, or modify your RSVP. Learn More.




    Attachment(s)

    ics
    invite.ics   2 KB 1 version


  • 3.  RE: ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Posted 18 days ago
    Does anyone know how this differs from ISO/IEC 20000-7?

    https://www.iso.org/standard/76542.html

    On the surface it looks the same...

    ------------------------------
    Zbyszek K-M
    Security Admin
    Exea
    ------------------------------



  • 4.  RE: ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Posted 15 days ago

    ISO/IEC TR 20000-7:2019:

    This document provides guidance on the integrated implementation of a service management system (SMS) as specified in ISO/IEC 20000-1 with a quality management system (QMS) as specified in ISO 9001 and an information security management system (ISMS)

    SMS + QMS + ISMS

    ISO/IEC 27013:2021:
    This document gives guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1 

    ISMS + SMS



    ------------------------------
    Muralidaran R
    HCL Technologies
    ------------------------------



  • 5.  RE: ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Posted 15 days ago
    20000-7 = SMS + QMS + ISMS
    27013:2021 = SMS + ISMS


    ------------------------------
    Muralidaran R
    HCL Technologies
    ------------------------------



  • 6.  RE: ISO/IEC 27013:2021 Information security, cybersecurity and privacy protection - Guidance on the integrated implementation of ISO/IEC 27001 and ISO/IEC 20000-1

    Posted 15 days ago
    20000 Part 7 is guidance on the integration and correlation of ISO/IEC 20000-1:2018 to ISO 9001:2015 and ISO/IEC 27001:2013.

    27013 focuses exclusively on the integrated implementation of an information security management system (ISMS) as specified in ISO/IEC 27001 and a service management system (SMS) as specified in ISO/IEC 20000-1.

    Now the process followed for integrated management systems is generally the same; in these cases, 20k part 7 includes the quality management system as well.

    You may want to read the IAF MD-11 document, "IAF Mandatory Document for the Application of ISO/IEC 17021 for Audits of Integrated Management Systems".

    This provides more details on the requirements of an integrated MS and how they will be audited.
    John A DiMaria; CSSBB, AMBCI, HISP, MHISP, CERP
    Assurance Investigatory Fellow
    Cloud Security Alliance
    m:+1 314 374-9752